CVE-2021-27017

Summary

Utilization of a module presented a security risk by allowing the deserialization of untrusted/user supplied data. This is resolved in the Puppet Agent 7.4.0 release.

Affected Software

VendorProductVersion RangeStatus
PuppetPuPuppet Agent0.0.0 < 7.4.0affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References